* Added idempotency logic to openssl_pkcs12
Also decoupled the 'parse' and 'generate' function from the file write
as they are now used in different places that do not need the file to be
written to disk.
* Added idempotency tests for openssl_pkcs12
Also adds a new test for pkcs12 files with multiple certificates
* Regenerate if parsed file is invalid
* pkcs12_other_certificates check was wrong
* Updated ca_certificates to other_certificates
ca_certificates is left as an alias to other_certificates;
friendlyname depends on private key, so it will be ignored while
checking for idempotency if the pkey is not set;
idempotency check only checks for correct certs in the stack
* use different keys for different certs
* Added other_certificates in module docs
* Added changelog and porting guide
* removed unrelated porting guide entry
* renamed ca_cert* occurrence with other_cert
Check allows vmware_dvs_portgroup to fail early if user
specified invalid range in VLAN id(s).
Fixes: #54927
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* win_firewall_rule only changes specified arguments
defaults are controlled by com object
integration test for built in rule
* removed ignore psaliases for win_firewall_rule
* direction and action are no longer required
program and service respect default values
documentation updated to reflect that defaults apply to rule creation
added test to disable a rule and verify other values have not changed
* fixed extra whitespace
* Move each description sentance to a new entry
* Don't pollute include_variables. Fixes#51667. Fixes#54618.
* Rename include_variables to include_args, so we can make the distinction about what they are
* Track args and vars separately
* oops
* oops again
* linting fix
* Add test
- Fixed issue #25017,#37567
- Add example for prompt on launch
- Add integration test for prompt on launch
Signed-off-by: Hideki Saito <saito@fgrep.org>
* updated tests and changelog for 54516
* Handle errors if PG does not support partitioning.
* Check for PG > 10 in tasks
* Show changes for partitioned tables in ansible
* Added documentation in the tests
* Update test/integration/targets/postgresql/tasks/postgresql_privs.yml
Co-Authored-By: raymondroelands <raymondroelands@users.noreply.github.com>
* Update test/integration/targets/postgresql/tasks/postgresql_privs.yml
Co-Authored-By: raymondroelands <raymondroelands@users.noreply.github.com>
* Added check for 0 tables after revoking rights
* Added test and moved tests
Added check mode test and moved test right after the change.
* Rebased postgresql_privs.py
* Add win_format
* Some doc changes were missed
* Fixes for ansible-test, additional assertion for check mode
* Fix -WhatIf issues
* Support for idempotency and changes to integration tests
* Fix trailing whitespace
* Fixes from review, and added check for non-empty volumes
* Remove an extra line
* Structural changes
* Minor fixes for CI
* Correct behavior so that direction isn't required for default.
* Add more tests.
* 'disabled' values cannot be changed.
* Include 'not specified' in messages.
* fix missing attribs with dirct module execution
* also make remote tmp handling smarter
update tests
* set default if attrib does not exist
* add simple test
* Remove default use of paramiko connection plugin on macOS
This fix was originally to work around a bug that caused a kernel panic on macOS
that has since been fixed.
* Remove paramiko from requirements.txt
* Move paramiko checking to common place
* Drop the warnings obfiscation code
* Update pip installation instructions to reflect upstream instructions
* Fix tests on CentOS 6 (Python 2.6) that now show Python deprecation warnings
* Add changelog fragment
* add asa_og module
* add test
* fix pep8
* fix some sanity pylint
* fix import error order
* fix import
* replace cmd() method
* rename file and class
* add mock for connection
* fix commands in replace test function
* fix lines list
* update unit test
* fix 'and' logic for port-object command
* restore previous unit test; fix pep8 and remove debug
* other unit tests
* Add state present, absent, replace
* Update doc; add default for state
* update unit test with state present/absent
* fix typo in unit test
* fix pep8 too many blank lines
* fix show run for service object ASA Ver 8.x
* Add description field; fix bug for state present and absent
* Re-designed module structure for network, service and port objects
* update integration test for new module structure
* fix pep8
* update EXAMPLES and RETURN
* update units tests
* fix module typos in unit test
* removed provider from examples
* fix missing comma in replace test
* fix module name and remove provider
* update license
* remove register; update license; change import order; chage def state
* remove shebang
* fix doc default state
* change import order
* Update year in banner
* fix integration test as set of tasks
* remove arg_spec
* remove extends_documentation_fragment: asa
* Update DOC, remove unused import, change import order
The controller's fixup_perms2 uses filesystem acls to make the temporary
file for copy readable by an unprivileged become user. On Python3, the
acls are then copied to the destination filename so we have to remove
them from there.
We can't remove them prior to the copy because we may not have
permission to read the file if the acls are not present. We can't
remove them in atomic_move() because the move function shouldn't know
anything about controller features. We may want to generalize this into
a helper function, though.
Fixes#44412
Co-authored-by: Toshio Kuratomi <a.badger@gmail.com>
* Return UnlockKey
* Add changelog fragment
* Add method to check if a parameter exists in diffs
* Add method to get swarm unlock key
* Add option unlock_key
* Only return unlock key when created or changed
* Rename difference check
* Extend unlock key example
* Assert that unlock_key is a string
* Fix docker_swarm_info authors
* Don’t silence APIErrors
* Test unlock_key on unlocked swarm
* Catch APIError when retrieving unlock key
* Better return value description
* Lint
* Fix UnlockKey return value documentation
Co-Authored-By: hannseman <hannes@5monkeys.se>
* Get unlock key safely
Co-Authored-By: hannseman <hannes@5monkeys.se>
* Return None on empty UnlockKey
* Assert swarm_unlock_key is undefined if unqueried
* Add documentation about swarm_info unlock_key
* Add change log fragment for unlock_key option
* Revert "Add change log fragment for unlock_key option"
This reverts commit e3cb2325b552e5d14cc3f42b33a86bf3ee84d3b9.
* Use generator expression instead
* Restart docker more decisively
* Use systemctl kill
Co-Authored-By: hannseman <hannes@5monkeys.se>
* Try to restart docker daemon
* [openssh_cert] cleanup the returned certificate info
- Drop the certificate path - it is already present in rc.filename.
- Drop the leading whitespace for all lines.
Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
* [openssh_cert] add support for a certificate serial number
Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
* [openssh_cert] fix lint error
Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
* [openssh_cert] drop explicit default value
Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
* [openssh_cert] enforce the specified or missing serial number
Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
* [openssh_cert] passing no explicit serial number ignores any present one
Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
* cloudstack: remove choice list for hypervisor param
* cloudstack: streamline network_type with returned value by the API
* cloudstack: remove E326
* add changelog fragment
* Add win_hosts module
added win_hosts module for easier manipulation of hosts entries in "%windir%\system32\drivers\etc\hosts" for windows systems
* Update win_hosts.py
* Add alias support to win_hosts module (#1)
* win_hosts supports aliases
added support for adding / removing aliases from a host entry, rather than adding a new entry
added ability for win_hosts to detect aliases:
`192.168.1.1 alias1 alias2 alias3`
```
win_hosts:
host_name: alias2
ip_address: 192.168.1.1
```
will result in `192.168.1.1 alias1 alias3`
also includes `replace` and `add` as options for `ip_action` (`replace` is default)
for example:
```
192.168.1.1 my_reused_alias
192.168.1.2 my_reused_alias
```
with
```
win_hosts:
host_name: my_reused_alias
ip_address: 192.168.1.3
ip_action: add
```
the result will be
```
192.168.1.1 my_reused_alias
192.168.1.2 my_reused_alias
```
but with `ip_action=replace` the result would be
```
192.168.1.3 my_reused_alias
```
* fixed metadata version and version added
* fix line endings
* upload fixed line endings
try to upload the file with the fixed line endings
* aliases and canonical names are separate entities. added IPv4 and IPv6 validation
* only makes changes if "check_mode" is false
* improved behavior for duplicate aliases/entries.
* adding tests
* missing aliases file
* fix trailing whitespace and uses explicit paths
* Tweak tests to copy and restore original hosts file
* win_nssm: rename cmdlets to use approved verbs, rename service name parameters
* win_nssm: improve code style and cmdlets ordering
* win_nssm: always escape all command line parameters with Argv-ToString
fix error when the service name contains quotes
* win_nssm: use Fail-Json instead of exceptions and remove global try/catch
* win_nssm: small refactoring, inline some functions
* win_nssm: refactoring - add a generic cmdlet to idempotently set any nssm service parameter
* win_nssm: refactoring - inline some functions
To make the code more malleable for future changes
* win_nssm: change application, stdout_file and stderr_file options type to path
* win_nssm: deprecates app_parameters, rename app_parameters_free_form to arguments, and add support for list of parameters
* win_nssm: add support of check mode
* win_nssm: add working_directory option
* win_nssm: add display_name and description options
* win_nssm: minor changes
* win_nssm: remove some sanity exclusions
* win_nssm: avoid using aliases and minor style fixes
* win_nssm: doc and ui improvements
* win_nssm: remove sanity exclusions
* win_nssm: minor revision
* win_nssm: deprecates dependencies, start_mode, user and password parameters and some choices of state in favor of win_service
* win_nssm: fix style
* win_nssm: add executable option to specify the location of the NSSM utility
* win_nssm: add missing parameter types
* win_nssm: add diff mode support
* win_nssm: avoid displaying depreciation warning if default value is assigned
* win_nssm: fix variable scope
* win_nssm: use the explicit -LiteralPath parameter name instead of -Path
* win_nssm: fix documentation
* win_nssm: add porting guide entries
* win_nssm: add changelog fragment
* Enable ec2_transit_gateway test in CI.
* Mark the test unstable.
The test sometimes attempts to delete the transit gateway while it
is in the pending state, which is not permitted.
* Fix wrong example, remove strictness and fix tests
It was obvious that (because of an incorrect example) people were using
the **xml** module incorrectly, specifying the `attribute` parameter
where it was not supported (i.e. ignored).
While this functionality would have been useful, it currently returns as
if the information was requested from the parent, so we cannot simply
make it to what would be expected.
Therefor the real solution is to provide a warning when we find
incorrect use, and deprecate this use. Then later we could implement
this functionality correctly.
While troubleshooting this issue, I found that in some cases our
integration tests were not being run when we expected it.
This fixes#53459
* Change warning
* Fix weird sanity test error
* Add a comment to the deprecate-test
* Initial commit for static route module
- Create and query functionality in place today
* Enabled querying both all routes and single route
* Bug fixes and idempotency check
- Requires new idempotency code to validate, blocking on that
* Enabled test cases
* Documentation fixes
* Whitespace fix
* Major improvements based on Dag's commments
- Improved documentation and examples
- Fixed fixed IP assignments and reserved range parameters
- Improved integration tests
- Made check mode work
* Rename str to string in documentation
* Move back to str
* Fix indentation
* Fix documentation for example of fixed_ip_assignments
- Removed default=None for args
* Add support for notes
* Add test for notes
* Device notes changes
- Renamed from notes to note
- Modified tests to work
* Comment device test since it only works once
* Remove assertion stanza and move assertion to existing one
* Add version_added to note documentation
* Converted from tabs to spaces
* Added changelog fragment
* Remove changelog file since it's a feature
* Add changelog fragment
* basic plugin loading working (with many hacks)
* task collections working
* play/block-level collection module/action working
* implement PEP302 loader
* implicit package support (no need for __init.py__ in collections)
* provides future options for secure loading of content that shouldn't execute inside controller (eg, actively ignore __init__.py on content/module paths)
* provide hook for synthetic collection setup (eg ansible.core pseudo-collection for specifying built-in plugins without legacy path, etc)
* synthetic package support
* ansible.core.plugins mapping works, others don't
* synthetic collections working for modules/actions
* fix direct-load legacy
* change base package name to ansible_collections
* note
* collection role loading
* expand paths from installed content root vars
* feature complete?
* rename ansible.core to ansible.builtin
* and various sanity fixes
* sanity tweaks
* unittest fixes
* less grabby error handler on has_plugin
* probably need to replace with a or harden callers
* fix win_ping test
* disable module test with explicit file extension; might be able to support in some scenarios, but can't see any other tests that verify that behavior...
* fix unicode conversion issues on py2
* attempt to keep things working-ish on py2.6
* python2.6 test fun round 2
* rename dirs/configs to "collections"
* add wrapper dir for content-adjacent
* fix pythoncheck to use localhost
* unicode tweaks, native/bytes string prefixing
* rename COLLECTION_PATHS to COLLECTIONS_PATHS
* switch to pathspec
* path handling cleanup
* change expensive `all` back to or chain
* unused import cleanup
* quotes tweak
* use wrapped iter/len in Jinja proxy
* var name expansion
* comment seemingly overcomplicated playbook_paths resolution
* drop unnecessary conditional nesting
* eliminate extraneous local
* zap superfluous validation function
* use slice for rolespec NS assembly
* misc naming/unicode fixes
* collection callback loader asks if valid FQ name instead of just '.'
* switch collection role resolution behavior to be internally `text` as much as possible
* misc fixmes
* to_native in exception constructor
* (slightly) detangle tuple accumulation mess in module_utils __init__ walker
* more misc fixmes
* tighten up action dispatch, add unqualified action test
* rename Collection mixin to CollectionSearch
* (attempt to) avoid potential confusion/conflict with builtin collections, etc
* stale fixmes
* tighten up pluginloader collections determination
* sanity test fixes
* ditch regex escape
* clarify comment
* update default collections paths config entry
* use PATH format instead of list
* skip integration tests on Python 2.6
ci_complete
Currently, if we try to stop or start a network two time in a row, the
second call will fail. With this patch:
- we don't recreate a network, if it exists
- we only stop a network if it's active, and so we avoid an exception
saying the network is not active
* test: mock libvirt
* add integration tests for virt_net
* test: enable virt_net test on RedHat 7 and 8
* ci: use the unsupported alias
* tests that require privileged mode are run in VM
* virt_net/create raise unexpected libvirt exception
* import mock from units.compat
* virt_net: do not call create() on "active" network
* virt_net func test: only clean up the libvirt packages
* test: virt_net: don't use assert_called()
* virt_net: add the destructive alias
* move the test in virt_net dir
* test/virt_net: clean up the network at the end
* win_shell: Implement option 'profile', allowing the user to control powershell profile sourcing before running a command
* Set version_added to 2.8
* Make sure profile directory exists before writing profile file
* Changes to make tests immutable and align with ps args
* Use locking for concurrent file access
This implements locking to be used for modules that are used for
concurrent file access, like lineinfile or known_hosts.
* Reinstate lock_timeout
This commit includes:
- New file locking infrastructure for modules
- Enable timeout tests
- Madifications to support concurrency with lineinfile
* Rebase, update changelog and tests
We need to specify ansible_python_interpreter to avoid running interpreter discovery and selecting the incorrect interpreter.
Remove the import of lock in known_hosts since it is not used.
* Fix service integration test python selection.
* Clean up source in ansible_test_service.
* Rename script to include in python tests.
* Make shebang templating sanity friendly.
* Fix checksum.
* Use realpath of python to avoid selinux issues.
* Added support for types parameter
- Parameter is used to specify multiple network types
* Fix documentation
* Apply suggestions from code review
Co-Authored-By: kbreit <kevin.breit@kevinbreit.net>
* Reworked type parameter to be a list so types isn't needed
* Re-add tags documentation
* Fix documentation around compatibility
* Convert tags to list from string
* Add changelog fragment
* Adding cnos_user module to Ansible
* Update cnos_user.py
* Adding Functional test cases and unit test cases.
* Fixing Bug found in testing with Lenovo Mars.
* Review comments incorporated
* Review comments implemented.
* Copy paste mistake
When using before and after in combination, the opposite behavior was induced. This PR makes the the replacement happen between the specified patterns as intended.
* Added integration tests
* Add changelog, porting guide entry, and minor doc fixes
* Removed required_together, updated tests
Since required_together: privatekey_path -> friendly_name, is not always
required it has been removed.
Updated openssl_pkcs12 integration tests to be in line with other
openssl_* modules, and added a test for export with no privatekey_path.
* linter fixes
* Removed cryptography from tests
* Added changelog fragment
* Removed non-necessary select_crypto_backend
* Adding networks_cli_compatible option.
* Move network tests into own test file.
* Extend tests (for networks_cli_compatible=no).
* Adding tests for networks_cli_compatible=yes.
* There seems to be no way to create a container without at least one network attached.
* Integrate networks / purge_networks with comparisons.
* Speed up tests.
* Removing double dot.
* Add changelog.
* Use comparisons value only if the networks option has been specified. purge_networks on the other hand also removes networks if it has not been specified.
* add missing integration tests for postgresql_schema module
* add missing integration tests for postgresql_schema module
* postgresql_schema: add CI test with function in module from #54237
* postgresql_schema: add CI test with function in module from #54237
* add DROP SCHEMA test with check_mode=yes #54185
* Add the constructed config with legacy settings enabled to match the script
* Add interesting characters in tags and security group names
* add strict to config
* Add a stopped instance in inventory
* Create symlinks in the test
* Add reservation details to mock
* run script and plugin with a virtual env
* call the script with ansible-inventory
* Fix code coverage collection.
* Add write helper.
* Adjust modules (except openssl_certificate).
* Adding tests for mode (with openssl_privatekey).
* Add openssl_certificate support.
* Never, ever remove the output file before actually trying to generate new content for it.
Removal is only allowed when state=absent, or when the object has been regenerated and the result needs to be written to that place.
* Add changelog.
* Extend test.
* Add documentation for tags and network access
* Documentation changes from dag and sam
* Change examples to include proper YAML and not dict
* Update lib/ansible/modules/network/meraki/meraki_admin.py
Co-Authored-By: kbreit <kevin.breit@kevinbreit.net>
* New cryptography backend for openssl_certificate
load_* functions in module_utils/crypto.py now have a backend paramter
which when set to 'cryptography' will return cryptography objects so
they can be used for both pyopenssl and cryptography backends.
Added a select_message_digest function too returning a cryptography
digest hash from `cryptography.hazmat.primitives.hashes`
Added new classes for Cryptography backend
* Run test with various backends.
* Prefixing tests.
* Make sure we have the correct backend available.
* Linting (flake8).
* Moved cryptography import to separate try/except
* Make sure certificate is actually valid at some time in the past.
* Improve error handling.
* Trying to fix validation for cryptography backend.
* Fixed issue with keyUsage test in assertonly
* Fixed CI/Lint issues
* Fix private key problem for OwnCA.
* Cryptography backend doesn't support v2 certs.
* issue an expired cert with command when using cryptography backend
* Added warning when backend is auto and v2 cert is requested
* Bumped min cryptography version to 1.6
* Correctly check for failure when backend is cryptography and cert is v2
* Use self.backend where possible
* Use secp521r1 EC when testing on CentOS6
* Fixed pylint issue
* AcmeCertificate support for both backends
* Review fixes
* Fixed missing '(' when raising error
* Fixed date_fmt loop
* Updated docs and requirements with cryptography
* Add openssl_certificate to changelog.
Fixes#40060
* Fix coding style errors
* Use CONNECTION LIMIT (no underscore)
* From review done by amenonsen and bcoca - Set default at None, make the change detection less confusing
* Added EXAMPLE on how to apply a database specific connection limit
* Added some basic tests for conn_limit applied to a database
* Check that conn_limit has actually been set / updated to 200
* Add changelog fragment regarding postgresql_db conn_limit parameter
* cs_volume: add volumes extraction and upload features
* cs_volume: Update doc, remove deprecated code
* cs_volume: Add unit tests for extract and upload features
* Force tests to set ansible_python_interpreter.
This avoids use of interpreter discovery unless tests opt-in to using it.
Avoiding interpreter discovery helps avoid selecting the wrong interpreter for tests.
* Prevent use of global inventory in tests.
This will avoid issues with tests picking up global inventory
instead of using implicit localhost as intended.
* Require hosts to exist in inventory for tests.
This will prevent tests from unintentionally passing
when hosts are not found in inventory. Does not prevent
the use of implicit localhost.
* Move check_type_str() out of basic.py
* Move check_type_list() out of basic.py
* Move safe_eval() out of basic.py
* Move check_type_dict() out of basic.py
* Move json importing code to common location
* Move check_type_bool() out of basic.py
* Move _check_type_int() out of basic.py
* Move _check_type_float() out of basic.py
* Move _check_type_path() out of basic.py
* Move _check_type_raw() out of basic.py
* Move _check_type_bytes() out of basic.py
* Move _check_type_bits() out of basic.py
* Create text.formatters.py
Move human_to_bytes, bytes_to_human, and _lenient_lowercase out of basic.py into text.formatters.py
Change references in modules to point to function at new location
* Move _check_type_jsonarg() out of basic.py
* Rename json related functions and put them in common.text.converters
Move formatters.py to common.text.formatters.py and update references in modules.
* Rework check_type_str()
Add allow_conversion option to make the function more self-contained.
Move the messaging back to basic.py since those error messages are more relevant to using this function in the context of AnsibleModule and not when using the function in isolation.
* Add unit tests for type checking functions
* Change _lenient_lowercase to lenient_lowercase per feedback
* #50877:
* add support to postgresql_privs to use "FOR { ROLE | USER } target_role"
in "ALTER DEFAULT PRIVILEGES"
* fix sanity errors
* #50877: fix documentation and add a check for correct usage
of target_roles
* #50877: fix missing absent option for default privs with target_role
* #50877: add clear description, when target_roles can be used
* #50877: fix conflicts, formatting, and add a changelog fragment
* #50877: fix sanity error E335
* #50877: swap conditions and fix error to warning msg
* #50877: add tests for default privileges
* #50877: fix tests for default privileges
* #50877: fix tests for default privileges on centos 6
* * `reconcile_candidate()`
* old code searched the ip route configs for a given prefix+nexthop and then tried to remove the route based on prefix+nexthop only; this would fail when a static route was configured with `track` values.
* new code still looks for prefix+nexthop but uses the route config it finds on the device to remove it; e.g.
* search for: `ip route 192.168.20.64/24 192.0.2.3`
* find: `ip route 192.168.20.64/24 192.0.2.3 track 1 10`
* remove: `no ip route 192.168.20.64/24 192.0.2.3 track 1 10`
* logic cleanups:
* old code did a `show run` for every prefix. This can be a lot of data when there are large configs.
* new code uses filters to only return the static route configs.
* The filters now allow a common code path so no need for default vs vrf code paths
* `sanity` test: 100% Pass rate on N9K,N7K,N6K,N3K
- Bugfix Pull Request
`nxos_static_route`
* filter() does not return a list with python3
`filter()` was breaking pytest when it ran with python3, since it returns
an iterable instead of a list with python3.
Found that I didn't really need `filter()` anyway so just removed it
* restore var names /w/want/
The unstable alias wasn't intended for slow but otherwise stable
tests. However, the alternatives are to either dedicate an entire
test group to this one test or mark it unsupported.
Marking it unstable at least permits the test to run when changes
are made to the integration test or the module itself, which is
better than not running the tests at all.
* [WIP] Additional DevTest Lab modules
* updates
* try global schedule again
* dtl schedule
* try full dtl schedule test
* fixing schedule
* fixed problem
* another fix
* fixed test
* different time format
* fixed absent state
* test policy idempotence
* more updates
* updated devtestlabpolicy
* fixed syntax
* updated dtl policy test
* updated image id
* fixed test
* fixed bug
* fixed bugs and docs
* fixed bug
* + small cleanup
* reenabled tests but disabled leaking tests
* disabled test
* Adding cnos_system module to Ansible.
* Adding UT, Functional test required for cnos_system. Bugs came up are fixed
* Adding more files to the cnos_system suit.
* Fixed another problem where `group-timeout` was processed before `ip igmp snooping` was enabled
* `sanity` playbook:
* N6K: `show ip igmp snooping | json` succeeds on the device but doesn't return any data in body; added a skip to the sanity playbook to keep it out of CI
* Added a setup task to do initial cleanup on the device
* initial commit
* fix execute and \r\n
* \r attempt 2
* updated with integration tests and using new csharp import
* Apply suggestions from code review
Co-Authored-By: rcanderson23 <rcanderson23@gmail.com>
* fixed small docuement inaccuracies wrt returns
* removal of state in feature result
* removal of rc
* small fixes suggested in code review
* fixed variable assigning to result
* addition of comments on conditionals for clarity on matching
* swap logic of check_mode
* set $reboot_required so it is always returned
* removal of extraneous return information
* addition of integration tests
* set installation of parent features to true
* remove 2008 from tests
* changed test for TelnetClient from NetFx3
* change of tabs to spaces
* Add test check for OS version
* Use local dummy repo for flatpak_remote integration tests
* Excludes versions of Ubuntu older than 16.04 from tests
Since there are no flatpak packages available for these Ubuntu versions
* Adds handler that removes temporary symlink
* win_dns: Initial work
* win_dns: initial commit
* Renaming win_dns -> win_dns_record
* win_dns_record: Fix record leakage in output
* win_dns_record: Fix erroneous minimums enforcement
It is apparently completely legitimate to specify a TTL that is below
minimum; it will just get ignored in favor of the server's minimum.
* win_dns_record: Fix new-host changes reported incorrectly
* win_dns_record: Fix TTL changes reported incorrectly
* win_dns_record: Fix existing records not recognized
* win_dns_record: Remove obsolete object
* Refactorize check mode
* Add computer_name parameter
* Refactorize diff and changed to read DNS end state
* Fix pslint tests PSUseDeclaredVarsMoreThanAssignments and PSAvoidUsingCmdletAliases
* Minor fix, misnamed variable.
* win_dns_record: Fix "changed" state in check mode
* win_dns_record: cleanups
* win_dns_record: fix TTL update not changed regression
* Add initial integration tests
* win_dns_record: integration tests
* win_dns_record: Reverted 9cf5f2d8e6507cf477ab9e7ca166b1857169d6b5
The approach from that commit breaks check mode.
* win_dns_record: de-scope some records
These are either esoteric (meaning limited realworld testing)
or require additional thought to do properly (eg MX, which
has its "priority" level).
* win_dns_records tests: Ensure DNS services are installed
* Update lib/ansible/modules/windows/win_dns_record.py
Co-Authored-By: johnboy2
* Update lib/ansible/modules/windows/win_dns_record.py
Co-Authored-By: johnboy2
* Aggregated suggestions from dagwieers
* Fix bad powershell test argument
* win_dns_record partially converted to new Powershell module interface
win_dns_record converted to new Powershell module interface, except diff
and required_if
* win_dns_record: convert diff support
* win_dns_record: convert diff support to after-before style
* Don't test for Add-WindowsFeature
* win_dns_record: Fix diff
When check mode is used diff changes must be simulated.
* Style consistency/clean-ups
* Fix integration test typos
* Improve readability of diff output
The original intention of the diff output was to resemble zone file records
(except that the zone-name is added onto each record). In that light, the
missing *record class* information (always "IN" in our case) was an oversight.
This just makes the diff output more "instantly readable" for DNS gurus.
* win_dns_record: Add diff tests
* Fix ansible-test sanity check fails
* Apply suggestions from code review
Added suggestions from dagwieers
Co-Authored-By: johnboy2 <john@jnelson.ca>
* win_dns_record: Skip 2008 and friends
* Reword error messages so they start capitalized.
* Fix sanity error
* win_dns_record: Document ttl range
* win_dns_record: Additional supportability barriers in tests
* win_dns_record: Typo
* win_dns_record: Sanity fix
* win_dns_record: Use OS-test only for compat checking
* Add an option to parse botocore.endpoint logs for the AWS actions performed during a task
Add a callback to consolidate all AWS actions used by modules
Added some documentation to the AWS guidelines
* Enable aws_resource_actions callback only for AWS tests
* Add script to help generate policies
* Set debug_botocore_endpoint_logs via environment variable for all AWS integration tests
Ensure AWS tests inherit environment
(also remove AWS CLI in aws_rds inventory tests and use the module)
* New module postgresql_facts: Gathers facts about remote PostgreSQL instances
* New module postgresql_facts: fix default values of function
* New module postgresql_facts: add extension support
* New module postgresql_facts: fixed typo
* New module postgresql_facts: added integration test
* New module postgresql_facts: fix test error
* New module postgresql_facts: add info about min server version
* New module postgresql_facts: fix
* New module postgresql_facts: fix
* New module postgresql_facts: added repl stat tables checks
* New module postgresql_facts: fix
* New module postgresql_facts: fix
* New module postgresql_facts: fix
* New module postgresql_facts: fix
* New module postgresql_facts: fix
* New module postgresql_facts: fix
* New module postgresql_facts: fix
* New module postgresql_facts: ansible_facts -> postgresql_facts
* New module postgresql_facts: fix ci
New module postgresql_facts: revision for review
New module postgresql_facts: revision for review, fix
* fix doc
* New module postgresql_facts: add data types to param dict
* New module postgresql_facts: code refactoring
* # This is a combination of 3 commits.
# The first commit's message is:
New module postgresql_facts: incl_subset => filter
# This is the 2nd commit message:
New module postgresql_facts: fix a typo
# This is the 3rd commit message:
New module postgresql_facts: fixes
* New module postgresql_facts: incl_subset => filter
New module postgresql_facts: fix a typo
New module postgresql_facts: fixes
Various cosmetic and doc changes
* New module postgresql_facts: fix filter type
* New module postgresql_facts: fix sanity
* New module postgresql_facts: change ansible_facts to postgresql_facts
* New module postgresql_facts: fix tests
* New module postgresql_facts: fixes
* New module postgresql_facts: fixes
* New module postgresql_facts: fixes
* New module postgresql_facts: doc fixes
* New module postgresql_facts: added pretty_val
* New module postgresql_facts: added pending restart
* New module postgresql_facts: fix documentation
* New module postgresql_facts: fix documentation
* New module postgresql_facts: fixes by KN
* New module postgresql_facts: fixed sanity
* New module postgresql_facts: fixed tests
Include path in role with directory which has 'tasks' as end.
For example, roles/sometasks/templates is now considered while searching path.
Fixes: #42585
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
The cloudscale_floating_ip module failed if no server was assigned to
the floating IP. This also adds a test to avoid a regression.
The only way to have a floating IP without a server assigned is to
delete the server where the floating IP is currently assigned. Under
normal circumstances it's not possible to have an unassigned floating
IP.
The output of pw.getpwnam() does not distinbuish between local and remote accounts. It will return a result if an account exists locally or in the directory. When local is set to True in the task parameters, look through the local password database explicitly.
* Ensure luseradd is present for tests
* Add docs and warnings about local mode
* avoid using Postgres formatting function
* add tests for ALL FUNCTIONS IN SCHEMA
* documentation and changelog
* requested changes in tests
* fixed changelog
* Add source option.
* Split force parameter into force_source, force_absent and force_tag.
* Move all build-related options into a suboption called build.
* Add changelog.
* AWS: new module ec2_transit_gateway fixes#49376
* Add permissions neeeded for integration tests
* uncomment nolog on creds
* add unsupported to integration test aliases
* remove the shippable/aws/group alias so doesn't conflict with unsupported
function changed to do in place replacement, should be less expensive even with copy as it avoids 'sub copies', can compose with module_args_copy to create replacement for old behavior
attempt to fix#52910
* handle lists and subdicts correctly
* added missing exception case, which was not noticed since 'cleaning' was not working
* added comments to clarify exceptions
* cloudscale_server: remove required parameter check
The valid parameter combinations are already checked by the API. There
is no need to check a subset of this in the Ansible module as well. This
makes it more likely that future changes in the API won't require
changes in the Ansible module.
* cloudscale_server: add password parameter
Recent revisions of the cloudscale.ch API allow setting a password for a
server. Add this option to the cloudscale_server module.
* Integration test cleanup for cloudscale modules
This refactors the cleanup procedure for the integration tests of the
cloudscale_server and cloudscale_volume modules to use an "always"
section for cleanup. The cleanup code also deletes all resources which
contain the test run prefix. This ensures that all resources are cleaned
up regardless of the actual test result which is a prerequisite for
running these tests in CI.
* Move cloudscale_floating_ip tests from legacy to integration
This also adds code to make sure that floating IPs are deleted even if a
test run fails. This is unfortunately not possible for floatint IPv6
networks.
All inventory hosts to which a connection is actually established
should declare ansible_python_interpreter to avoid interpreter
auto-discovery, as that may select the wrong interpreter.
Basic passwords are rejected by the nxos device unless `no password strength-check`
is configured. This change just makes the password meet the minimum strength checks.
* The test was setting `lsa max` value to 2222 but the default `lsa hold` value is 5000.
* `hold` must be less than `max` or else the device raises a clierror, so I just added a lower non-default `hold` value to satisfy the cli.
* Output warnings from docker daemon on container create and update.
* Accept warning for blkio_weight instead of idempotency.
* Value quoting.
* Avoid loop variable conflict.
* Add changelog.
* Make one test case faster.
* Add 'Docker warning: ' prefix.
* Add a generalized warning reporting function.
* Add rollback_config
* Add change log fragment
* Fix broken test
* Actually fix broken tests
* Add rollback_config example
* Default rollback_config as None
* Abort early if rollback_config does not exist
* Add mount options
* Remove mount readonly default
* Fix driver_config test
* Add documentation
* Add changelog fragment
* Properly indent tmpfs_ options
* Use correct service suffix for mount tests
* Check for None value on tmpfs usage check
* Document change of mounts.readonly return key
* Use correct change log type
* Really use correct change log type
* Revert changing mount.readonly to read_only
* Configurable list of facts modules (#31783)
- allow for args dict for specific modules
- add way to pass parameters
- avoid facts poluting test
- move to 'facts gathered' flag
- add 'gathering' setting tests
- allow parallel option in case serialization is too slow
- added support to automatically map network facts
uses "smart" connection mapping
* Raise OpenSSLBadPassphraseError if passphrase is wrong.
* Improve handling of passphrase errors.
Current behavior for modules is: if passphrase is wrong (or wrongly specified), fail.
Current behavior for openssl_privatekey is: if passphrase is worng (or wrongly specified), regenerate.
* Add changelog.
* Add tests.
* Adjustments for some versions of PyOpenSSL.
* Update lib/ansible/modules/crypto/openssl_certificate.py
Improve text.
Co-Authored-By: felixfontein <felix@fontein.de>
* nxos_igmp_snooping: group-timeout fails when igmp snooping disabled
group-timeout config will be rejected by the device if `ip igmp snooping` is disabled.
* raise a failure for this condition
* reorder the command list so that group-timeout is always last
* SA fixes
* SA fixes
* only call gt_dependency if gt
Test yaml fixes for n3048:
* 3048 does not support bidir option
* 3048 cannot remove rp-address if prefix-list/route-map is present
* yes: no ip pim rp-address x.x.x.x
* no: no ip pim rp-address x.x.x.x prefix-list foo
* no: no ip pim rp-address x.x.x.x route-map bar
This test now passes on N9k/N7k/N6k/N3k.
* Support FOREIGN DATA WRAPPER and FOREIGN SERVER in postgresql_privs module
* Added available from note to fdw and fs object types
* Integration tests, examples in documentation
* Complete integration tests
* [docker_image] fix the changed state for tagging and pushing
Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
* [docker_image] add tests for (force) tagging and force pushing
Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
* [docker_image] add a news fragment for the fixed force tag/push behavior
Signed-off-by: Jakob Ackermann <das7pad@outlook.com>
* Fixed crash with hidden files
added "-force" parameter on "Get-Item" cmdlet. this is needed to get file info if the file is "hidden"
without this option modules like win_file, win_template, win_copy crashes on hidden files. this is because with "test-path" it sees that the file exists, but "get-item" can't get the file info.
for more information on "-force option": https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.management/get-item
* Add changelog and integration tests
* fix tests for older Windows versions
* nxos_vxlan_vtep: Add dependency checks
Some of the N9k-specific attrs are failing due to hardware/feature/resources.
* `global_suppress_arp`
- dependency on TCAM resources
* `global_mcast_group_L3`
- hardware dependency on specific chassis/linecards
- feature dependency on `ngmvpn`
* `global_ingress_replication_bgp`
- hardware dependency on specific chassis/linecards
Tested on N9k with/without TCAM resources, various N9k chassis, N7k, N6k. All 100% Pass.
* pylint
* Add support for Windows hosts in the SSH connection plugin
* fix Python 2.6 unit test and sanity issues
* fix up connection tests in CI, disable SCP for now
* ensure we don't pollute the existing environment during the test
* Add connection_windows_ssh to classifier
* use test dir for inventory file
* Required powershell as default shell and fix tests
* Remove exlicit become_methods on connection
* clarify console encoding comment
* ignore recent SCP errors in integration tests
* Add cmd shell type and added more tests
* Fix some doc issues
* revises windows faq
* add anchors for windows links
* revises windows setup page
* Update changelogs/fragments/windows-ssh.yaml
Co-Authored-By: jborean93 <jborean93@gmail.com>
* Document and validate mode choices
* Update examples
* Test cpu float values
* Test correct option
* Fix module return sample
* Add secrets and user to module return value
* Order options alphabetically
* Add changelog
* yaml indentation
* Revert "Order options alphabetically"
This reverts commit 51dabccda7930b707d5683670af7f89a68aeb577.
* Be consistent with choices type
* docker_swarm_service tests: use 'resolve_image: no' to avoid registry lookup if image is up-to-date.
* Improve docker_node performance: don't sleep after last try.
* Fix version checks in tests
* Set minimum version to 2.0.2
* Networks can only be updated >= docker-py 2.7
* Constraints require docker-py 2.4.0
* Healthchecks require docker-py 2.6.0
* Properly run tests different docker_py_versions
* Add changelog fragment
* Specify lowest version on placement.constraints
* Fix running new tests on older docker-py
* Handle different hosts formats returned by docker
* FIx test naming
* Quote str options
* secrets options require docker-py 2.4.0
* Replace InventoryFileCacheModule with a better developer-interface
Use new interface for inventory plugins with backwards compatibility
Auto-update the backing cache-plugin if the cache has changed after parsing the inventory plugin
* Update CacheModules to use the config system and add a deprecation warning if they are being imported directly rather than using cache_loader
* Fix foreman inventory caching
* Add tests
* Add integration test to check that fact caching works normally with cache plugins using ansible.constants and inventory caching provides a helpful error for non-compatible cache plugins
* Add some developer documentation for inventory and cache plugins
* Add user documentation for inventory caching
* Add deprecation docs
* Apply suggestions from docs review
* Add changelog
* Do not return 'instances' when wait is false
* Added integration tests for wait: false
* Added changelog fragment
* Fix test suite to work with ec2_instance
* Additional permissions
* Enforce boto3 version
* Fix broken tests
* Improve error messages
* fix linter issues
* adds fargate launch_type to ecs_task module
* White space changes
* fix documentation for running ecs task on fargate
* remove extraneous example from ecs_task
* White space changes
* Adds changelog fragment
* Pluralize minor_changes in changelog fragment
* Add Stop and Start task permissions
* New module postgresql_ping: simple module to check remote PostgreSQL server availability.
* New module postgresql_ping: simple module to check remote PostgreSQL server availability, doc fixes
* postgresql_ping: added integration tests
* New module postgresql_ping: misc changes
* New module postgresql_ping: change return suit
* New module postgresql_ping: tests reformatting, return value
* Various cosmetic/documentation fixes
* A few more fixes
* And even more cleanups
* Fix PEP8 issue
* Extend win_psmodule - rebased at 2019-01-07
* Change a way how defined parameters are added to the list
* Correct registering a repository
* Change way how tests for the check_mode: true are run
* Post-review updates
* Post-review updates -2
* Post-review updates -3
* Switch to PowerShell loop
* Minor updates
* Remove variants of an exception handling
* Change error handling
- The openssh_keypair module will return a public key output on the
private key creation.
- Add integration test in order to verify the public key output.
* set valid_until equal to current time + spot_wait_timeout
* Add checksum check for downloaded file.
* refactoring
* fix typo
* add fixes
* mart try,catch handling
* revert lib/ansible/modules/cloud/amazon/ec2.py from upstream
* refactoring
* remove empty lines
* add checksum verification for existing file
* fix current file check
* refactoring destination file check
* add handling exceptions
* refactoring
* Added download file hash data from url
* fix string aligning
* fix bug with uri
* Added get hash from multy-string file
* Added URI support for checksum file location
* refactoing
* Remove any non-alphanumeric characters for hash from url
* fix discussions; add support for PS3
* refactoring
* add size return value
* checkout from upstream for lib/ansible/modules/cloud/amazon/ec2.py
* add Ansible.ModuleUtils.Legacy support; refactoring
* Copyright added
* Checking files size before and after downloading added.
* remove unused code
* Corrected regexp for dotted slashed file name prefix in hash-file
* hotfix typo error; add int tests
* remove legacy module support; split checksum to checksum, checksum_algorithm, checksum_url
* changed default hash algorithm
* Fixed case for ContentLength = -1
* Old comment removed
* fix typo
* Remove file size check before downloading
* add alias to ; fix tests
* adjust tests; fix lint warnings from PSScritpAnalyzer
* workaround for bug in win_chocolatey module on win2008
* remove win_get_url.ps1 from /test/sanity/pslint/ignore.txt
* add checksum_algorithm as retuen value
* first normalise before return Result
* resolve discussions
Signed-off-by: Viktor Utkin <viktor.utkin7@yandex.ru>
* fix discussions
fix http tests as discussed
* fix last discussions
* Reduce code duplication and add idempotency check
* fix sanity issue and remove testing code
* move back to using tmp file for checksum comparison
* Decreasing docker_swarm requirements.
* Fixing docker-py / docker API version requirements, and some comments.
* Add changelog.
* Only send parameters specified by user to docker daemon.
* Extend labels test: not specifying == keep labels.
* Bump minimally required docker-py version for docker_node and docker_node_facts to 2.4.0.
* Prevent crashing when publish or healthcheck is not provided.
* Similarly to docker_swarm tests, only execute docker_node tests on real VMs and restart docker daemon when tests are done.
* Look in /lib/molly-guard for shutdown command
Signed-off-by: Sam Doran <sdoran@redhat.com>
* Add parameter for extra_search_paths
Signed-off-by: Sam Doran <sdoran@redhat.com>
* Change option to search_paths
- Update docs
- Make the parameter replace the default values
- Add some sanity checking on the data type
Signed-off-by: Sam Doran <sdoran@redhat.com>
* Correct parameter in tests, change conditional for molly-guard tasks
Signed-off-by: Sam Doran <sdoran@redhat.com>
* Address feedback
* Simplify field validation
Needed the try except in case a non-iterable type is put in the search_paths field